Paris Hilton and you

It didn't require a California law for data-theft victims to be notified after Paris Hilton's phone book hit the Web a week ago. Oh, they knew. Dozens of celebs, ranging from rapper Eminem to tennis babe Anna Kournikova, suffered through hundreds of calls from fans, pranksters and anyone else who found the contents of Hilton's T-Mobile cell phone on the Internet. There were also snapshots, to-do lists and transcripts of Hilton's text-messaging chats. But what caught headlines were the phone numbers of all those poor, beleaguered B-listers, suddenly out there where any nobody with a dialing finger could call them.

C'mon, stop snickering. I'm getting to a serious point here.

See, Hilton thought all that personal data was on her cell phone, tucked safely away in her ... well, wherever she keeps it. But she was wrong. The data's real home was on T-Mobile's servers. Her Sidekick II phone stored the data there automatically, just as it was designed to.

That arrangement means the data won't be lost if the phone is damaged or the batteries die. But it also means that if anyone were to hack into T-Mobile's servers, they'd have access to whatever Hilton put in her phone: pictures, documents, phone numbers, the works.

And T-Mobile's servers have a history of being hacked. In October 2003, intruders got into T-Mobile's customer databases and acquired passwords and other information that, in turn, let the bad guys access customer accounts. Hilton's account information was reportedly compromised at that time.

So was account information for a hotshot U.S. Secret Service agent, Peter Cavicchia. Cavicchia didn't store the numbers of celebrity friends on his phone -- that is, on T-Mobile's servers. He stored material linked to ongoing Secret Service criminal investigations.

According to the New York Daily News, that allowed one or more hackers to access numerous Secret Service documents, including reports, requests for subpoenas and a confidential treaty with Russia.

Cavicchia has since left the Secret Service, which says the security breach didn't compromise any ongoing investigations. And last week 22-year-old Nicholas Jacobsen pleaded guilty to the 2003 T-Mobile break-in. He'll be sentenced in May.

Now think: If a Secret Service agent stored sensitive information on his phone, how many of your users have likely done the same thing? And even if you've warned them to guard their phones carefully, how many have unknowingly stored sensitive company documents or data on a cell phone company's servers, where the only thing standing between that data and hackers is security you have no control over?

You can't protect that information. You don't even know what information is at risk. And your users don't even know it is at risk.

Not snickering now, are you? We're not talking about glitterati inconvenience and embarrassment any more. This is about your job: protecting your company's data.

What can you do? You could ban the use of state-of-the-art cell phones (which won't work). Or you could carefully audit every user's phone account for security (which would add a huge amount of work).

Or you can once again take on the challenge of educating your users. You can explain the risks of storing company data on their phones. And offer guidance about what data is safest to keep on which phones. And encourage them to consult with IT to keep potential problems to a minimum.

Yes, that's still a big job. It will require educating yourself on cell phone risks, too. But if you can get users to understand what's on the line, maybe you can get them to help you keep that data secure instead of fighting you.

After all, you don't really want to end up like Paris Hilton, do you?

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Frank Hayes

Show Comments

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Luke Hill


I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?